From: "Matt Emmerton"
To: "Mike Meyer"
Cc: viro@parcelfarce.linux.theplanet.co.uk, gerarra@tin.it, freebsd-hackers@freebsd.org
Date: Sat, 18 Sep 2004 01:39:01 -0400
Subject: Re: FreeBSD Kernel buffer overflow

----- Original Message -----
From: "Mike Meyer"
To: "Matt Emmerton"
Cc: ; "Avleen Vig" ; ;
Sent: Saturday, September 18, 2004 1:22 AM
Subject: Re: FreeBSD Kernel buffer overflow

> In <001801c49d38$1c8cb790$1200a8c0@gsicomp.on.ca>, Matt Emmerton typed:
> > I disagree. It really comes down to how secure you want FreeBSD to be, and
> > the attitude of "we don't need to protect against this case because anyone
> > who does this is asking for trouble anyway" is one of the main reasons why
> > security holes exist in products today. (Someone else had brought this up
> > much earlier on in the thread.)
>
> You haven't been paying close enough attention to the discussion. To
> exploit this "security problem" you have to be root. If it's an
> external attacker, you're already owned.

I'm well aware of that fact. That's still not a reason to protect against
the problem.
If your leaky bucket has 10 holes in it, would you at least try and plug
some of them?

--
Matt Emmerton